From patchwork Mon Oct 8 07:16:16 2018
X-Patchwork-Submitter: Arne Schwabe
X-Patchwork-Id: 517
From: Arne Schwabe
To: openvpn-devel@lists.sourceforge.net
Date: Mon, 8 Oct 2018 20:16:16 +0200
Message-Id: <20181008181618.8976-2-arne@rfc2549.org>
In-Reply-To: <20181008181618.8976-1-arne@rfc2549.org>
References: <20181008181618.8976-1-arne@rfc2549.org>
Subject: [Openvpn-devel] [PATCH 2/4] Remove AUTO_USERID feature

There is no user-facing way to enable this feature, and the way that feature works (username built from MAC of primary net device) is questionable. It also does not compile anymore.

Acked-by: Gert Doering
---
 src/openvpn/errlevel.h | 1 -
 src/openvpn/misc.c | 45 ------------------------------------------
 src/openvpn/misc.h | 5 -----
 src/openvpn/ssl.c | 4 ----
 src/openvpn/syshead.h | 9 ---------
 5 files changed, 64 deletions(-)

diff --git a/src/openvpn/errlevel.h b/src/openvpn/errlevel.h index 5ca4fa8f..c30284fc 100644 --- a/src/openvpn/errlevel.h +++ b/src/openvpn/errlevel.h 
@@ -139,7 +139,6 @@ #define D_PACKET_TRUNC_DEBUG LOGLEV(7, 70, M_DEBUG) /* PACKET_TRUNCATION_CHECK verbose */ #define D_PING LOGLEV(7, 70, M_DEBUG) /* PING send/receive messages */ #define D_PS_PROXY_DEBUG LOGLEV(7, 70, M_DEBUG) /* port share proxy debug */ -#define D_AUTO_USERID LOGLEV(7, 70, M_DEBUG) /* AUTO_USERID debugging */ #define D_TLS_KEYSELECT LOGLEV(7, 70, M_DEBUG) /* show information on key selection for data channel */ #define D_ARGV_PARSE_CMD LOGLEV(7, 70, M_DEBUG) /* show parse_line() errors in argv_parse_cmd */ #define D_CRYPTO_DEBUG LOGLEV(7, 70, M_DEBUG) /* show detailed info from crypto.c routines */ diff --git a/src/openvpn/misc.c b/src/openvpn/misc.c index 51d539d2..75f4ff47 100644 --- a/src/openvpn/misc.c +++ b/src/openvpn/misc.c 
@@ -455,51 +455,6 @@ get_auth_challenge(const char *auth_challenge, struct gc_arena *gc) #endif /* ifdef ENABLE_MANAGEMENT */ -#if AUTO_USERID - -void -get_user_pass_auto_userid(struct user_pass *up, const char *tag) -{ - struct gc_arena gc = gc_new(); - struct buffer buf; - uint8_t macaddr[6]; - static uint8_t digest [MD5_DIGEST_LENGTH]; - static const uint8_t hashprefix[] = "AUTO_USERID_DIGEST"; - - const md_kt_t *md5_kt = md_kt_get("MD5"); - md_ctx_t *ctx; - - CLEAR(*up); - buf_set_write(&buf, (uint8_t *)up->username, USER_PASS_LEN); - buf_printf(&buf, "%s", TARGET_PREFIX); - if (get_default_gateway_mac_addr(macaddr)) - { - dmsg(D_AUTO_USERID, "GUPAU: macaddr=%s", format_hex_ex(macaddr, sizeof(macaddr), 0, 1, ":", &gc)); - ctx = md_ctx_new(); - md_ctx_init(ctx, md5_kt); - md_ctx_update(ctx, hashprefix, sizeof(hashprefix) - 1); - md_ctx_update(ctx, macaddr, sizeof(macaddr)); - md_ctx_final(ctx, digest); - md_ctx_cleanup(ctx); - md_ctx_free(ctx); - buf_printf(&buf, "%s", format_hex_ex(digest, sizeof(digest), 0, 256, " ", &gc)); - } - else - { - buf_printf(&buf, "UNKNOWN"); - } - if (tag && strcmp(tag, "stdin")) - { - buf_printf(&buf, "-%s", tag); - } - up->defined = true; - gc_free(&gc); - - dmsg(D_AUTO_USERID, "GUPAU: AUTO_USERID: '%s'", up->username); -} - -#endif /* if AUTO_USERID */ - void purge_user_pass(struct user_pass *up, const bool force) { diff --git a/src/openvpn/misc.h b/src/openvpn/misc.h index 7092685f..fad53de8 100644 --- a/src/openvpn/misc.h +++ b/src/openvpn/misc.h @@ -158,11 +158,6 @@ void configure_path(void); const char *sanitize_control_message(const char *str, struct gc_arena *gc); -#if AUTO_USERID -void get_user_pass_auto_userid(struct user_pass *up, const char *tag); - -#endif - /* * /sbin/ip path, may be overridden */ diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c index 0a947c6e..5a136d69 100644 --- a/src/openvpn/ssl.c +++ b/src/openvpn/ssl.c 
@@ -410,9 +410,6 @@ auth_user_pass_setup(const char *auth_file, const struct static_challenge_info * auth_user_pass_enabled = true; if (!auth_user_pass.defined && !auth_token.defined) { -#if AUTO_USERID - get_user_pass_auto_userid(&auth_user_pass, auth_file); -#else #ifdef ENABLE_MANAGEMENT if (auth_challenge) /* dynamic challenge/response */ { @@ -438,7 +435,6 @@ auth_user_pass_setup(const char *auth_file, const struct static_challenge_info * else #endif /* ifdef ENABLE_MANAGEMENT */ get_user_pass(&auth_user_pass, auth_file, UP_TYPE_AUTH, GET_USER_PASS_MANAGEMENT); -#endif /* if AUTO_USERID */ } } diff --git a/src/openvpn/syshead.h b/src/openvpn/syshead.h index 807f7b9b..d2a50341 100644 --- a/src/openvpn/syshead.h +++ b/src/openvpn/syshead.h 
@@ -643,15 +643,6 @@ socket_defined(const socket_descriptor_t sd) #define CONNECT_NONBLOCK #endif -/* - * Do we have the capability to support the AUTO_USERID feature? - */ -#if defined(ENABLE_AUTO_USERID) -#define AUTO_USERID 1 -#else -#define AUTO_USERID 0 -#endif - /* * Compression support */
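Review bot: get_default_gateway_mac_addr() loses a caller with the removal of get_user_pass_auto_userid() in src/openvpn/misc.c, and nothing in this patch shows whether any other caller remains. If this was its last user, drop the helper in the same series so the gateway MAC lookup does not linger as dead code.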
From patchwork Mon Oct 8 07:16:17 2018
X-Patchwork-Submitter: Arne Schwabe
X-Patchwork-Id: 518
From: Arne Schwabe
To: openvpn-devel@lists.sourceforge.net
Date: Mon, 8 Oct 2018 20:16:17 +0200
Message-Id: <20181008181618.8976-3-arne@rfc2549.org>
In-Reply-To: <20181008181618.8976-1-arne@rfc2549.org>
References: <20181008181618.8976-1-arne@rfc2549.org>
Subject: [Openvpn-devel] [PATCH 3/4] Add support for OpenSSL TLS 1.3 when using management-external-key

For TLS 1.0 to 1.2 OpenSSL calls us and requires a PKCS1 padded response, for TLS 1.3 it requires an unpadded response.

Since we can PKCS1 pad an unpadded response, we prefer to always query for an unpadded response from the management interface and add the PKCS1 padding ourselves when needed.

This patch adds an 'unpadded' parameter to the management-external-key option to signal that it uses the new unpadded API. Since we cannot support TLS 1.3 without unpadded queries we disable TLS 1.3 otherwise.

We also do the same for cryptoapi since it uses the same API.

Using the management api client version instead might seem like the more logical way but since we only know that version very late, it would need extra logic and complexity to deal with this asynchronous behaviour.
---
 doc/management-notes.txt | 7 ++++-
 src/openvpn/manage.h | 9 ++++---
 src/openvpn/options.c | 57 +++++++++++++++++++++++++++++++++++++--
 src/openvpn/ssl_openssl.c | 26 +++++++++++++-----
 4 files changed, 85 insertions(+), 14 deletions(-)

diff --git a/doc/management-notes.txt b/doc/management-notes.txt index 17645c1d..7e61ff50 100644 --- a/doc/management-notes.txt +++ b/doc/management-notes.txt 
@@ -832,7 +832,12 @@ END Base 64 encoded output of RSA_private_encrypt for RSA or ECDSA_sign() for EC using OpenSSL or mbedtls_pk_sign() using mbed TLS will provide a -correct signature. +correct signature. With the 'nopadding' argument to the +external-management-interface the interface expects unpadded signatures +(RSA_NO_PADDING in OpenSSL). When the 'nopadding' keyword is missing the +interfaces expects PKCS1 padded signatures for RSA keys (RSA_PKCS1_PADDING). +EC signatures are always unpadded. To support TLS 1.3 using unpadded +signatures is required. This capability is intended to allow the use of arbitrary cryptographic service providers with OpenVPN via the management interface. diff --git a/src/openvpn/manage.h b/src/openvpn/manage.h index d24abe09..4fe66abf 100644 --- a/src/openvpn/manage.h +++ b/src/openvpn/manage.h @@ -343,10 +343,11 @@ struct management *management_init(void); #endif #define MF_UNIX_SOCK (1<<8) #define MF_EXTERNAL_KEY (1<<9) -#define MF_UP_DOWN (1<<10) -#define MF_QUERY_REMOTE (1<<11) -#define MF_QUERY_PROXY (1<<12) -#define MF_EXTERNAL_CERT (1<<13) +#define MF_EXTERNAL_KEY_NOPADDING (1<<10) +#define MF_UP_DOWN (1<<11) +#define MF_QUERY_REMOTE (1<<12) +#define MF_QUERY_PROXY (1<<13) +#define MF_EXTERNAL_CERT (1<<14) bool management_open(struct management *man, const char *addr, diff --git a/src/openvpn/options.c b/src/openvpn/options.c index 111534a5..61762791 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c 
@@ -3025,6 +3025,35 @@ options_postprocess_verify(const struct options *o) } } +#if defined(ENABLE_CRYPTOAPI) || (defined(ENABLE_CRYPTO_OPENSSL) && defined(ENABLE_MANAGEMENT)) +static void +disable_tls13_if_avilable(struct options *o, const char* msg) +{ +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + const int tls_version_max = + (o->ssl_flags >> SSLF_TLS_VERSION_MAX_SHIFT) & + SSLF_TLS_VERSION_MAX_MASK; + + /* + * The library we are *linked* against is OpenSSL 1.1.1 and therefore support TLS 1.3 + * this need to be a runtime version check since we can be compiled against 1.1.0 and + * then the library can be upgraded to 1.1.1 + */ + if (OpenSSL_version_num() >= 0x1010100fL && + (tls_version_max == TLS_VER_UNSPEC || tls_version_max > TLS_VER_1_2)) + { + msg(M_WARN, "%s Setting maximum TLS version to 1.2 ", msg); + o->ssl_flags &= ~(SSLF_TLS_VERSION_MAX_MASK << + SSLF_TLS_VERSION_MAX_SHIFT); + o->ssl_flags |= (TLS_VER_1_1 << SSLF_TLS_VERSION_MAX_SHIFT); + + } +#else + return; +#endif +} +#endif + static void options_postprocess_mutate(struct options *o) { @@ -3105,6 +3134,26 @@ options_postprocess_mutate(struct options *o) } #endif +#if defined(ENABLE_CRYPTO_MBEDTLS) && defined(MANAGMENT_EXTERNAL_KEY) + if (o->management_flags & MF_EXTERNAL_KEY_NOPADDING) + { + msg(M_FATAL, "mbed TLS does not support the 'nopadding' argument for the --management-external-key option"); + } +#endif + +#if defined(ENABLE_CRYPTOAPI) + if (o->cryptoapi_cert) + { + disable_tls13_if_avilable(o, "Warning: cryptapicert used."); + } +#endif +#if defined(ENABLE_CRYPTO_OPENSSL) && defined(ENABLE_MANAGEMENT) + if ((o->management_flags & MF_EXTERNAL_KEY) && !(o->management_flags & MF_EXTERNAL_KEY_NOPADDING)) + { + disable_tls13_if_avilable(o, "Warning: Using management-external-key " + "without nopadding option."); + } +#endif #if P2MP /* * Save certain parms before modifying options via --pull 
@@ -5178,9 +5227,13 @@ add_option(struct options *options, options->management_write_peer_info_file = p[1]; } #ifdef ENABLE_MANAGEMENT - else if (streq(p[0], "management-external-key") && !p[1]) + else if (streq(p[0], "management-external-key") && !p[2]) { VERIFY_PERMISSION(OPT_P_GENERAL); + if (p[1] && streq(p[1], "nopadding")) + { + options->management_flags |= MF_EXTERNAL_KEY_NOPADDING; + } options->management_flags |= MF_EXTERNAL_KEY; } else if (streq(p[0], "management-external-cert") && p[1] && !p[2]) @@ -8440,4 +8493,4 @@ add_option(struct options *options, } err: gc_free(&gc); -} \ No newline at end of file +} diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c index 3f1f4658..30320453 100644 --- a/src/openvpn/ssl_openssl.c +++ b/src/openvpn/ssl_openssl.c @@ -1100,15 +1100,27 @@ openvpn_extkey_rsa_finish(RSA *rsa) */ static int get_sig_from_man(const unsigned char *dgst, unsigned int dgstlen, - unsigned char *sig, unsigned int siglen) + unsigned char *sig, unsigned int siglen, bool pkcs1pad) { char *in_b64 = NULL; char *out_b64 = NULL; int len = -1; + int bencret = -1; - /* convert 'dgst' to base64 */ - if (management - && openvpn_base64_encode(dgst, dgstlen, &in_b64) > 0) + if ((management->settings.flags & MF_EXTERNAL_KEY_NOPADDING) > 2 && pkcs1pad) + { + /* + * Add PKCS1 signature and replace input with it + * Use our output buffer also als temporary buffer + */ + RSA_padding_add_PKCS1_type_1(sig, siglen, dgst, dgstlen); + bencret = openvpn_base64_encode(sig, siglen, &in_b64); + } + else + { + bencret = openvpn_base64_encode(dgst, dgstlen, &in_b64); + } + if (management && bencret > 0) { out_b64 = management_query_pk_sig(management, in_b64); } 
@@ -1129,13 +1141,13 @@ rsa_priv_enc(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, i unsigned int len = RSA_size(rsa); int ret = -1; - if (padding != RSA_PKCS1_PADDING) + if (padding != RSA_PKCS1_PADDING && padding != RSA_NO_PADDING) { RSAerr(RSA_F_RSA_OSSL_PRIVATE_ENCRYPT, RSA_R_UNKNOWN_PADDING_TYPE); return -1; } - ret = get_sig_from_man(from, flen, to, len); + ret = get_sig_from_man(from, flen, to, len, padding == RSA_PKCS1_PADDING); return (ret == len)? ret : -1; } 
@@ -1229,7 +1241,7 @@ ecdsa_sign(int type, const unsigned char *dgst, int dgstlen, unsigned char *sig, unsigned int *siglen, const BIGNUM *kinv, const BIGNUM *r, EC_KEY *ec) { int capacity = ECDSA_size(ec); - int len = get_sig_from_man(dgst, dgstlen, sig, capacity); + int len = get_sig_from_man(dgst, dgstlen, sig, capacity, false); if (len > 0) {
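Review bot: The new paragraph in doc/management-notes.txt names the option 'external-management-interface', but the option parsed in add_option() is management-external-key, and the commit message calls the argument 'unpadded' while the code and this text use 'nopadding'. Use one name throughout, and state explicitly that with 'nopadding' the client receives data that OpenVPN has already PKCS1-padded where needed and must perform a raw private-key operation on it. 'the interfaces expects' should read 'the interface expects'.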
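Review bot: Inserting MF_EXTERNAL_KEY_NOPADDING at (1<<10) in src/openvpn/manage.h renumbers MF_UP_DOWN, MF_QUERY_REMOTE, MF_QUERY_PROXY and MF_EXTERNAL_CERT for no functional gain. Appending the new flag as (1<<14) keeps the change to one added line and leaves the existing bit values untouched.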
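Review bot: In disable_tls13_if_avilable() (src/openvpn/options.c) the warning says "Setting maximum TLS version to 1.2" but the value written is TLS_VER_1_1, so affected sessions are capped at TLS 1.1 instead; the line `o->ssl_flags |= (TLS_VER_1_1 << SSLF_TLS_VERSION_MAX_SHIFT);` should use TLS_VER_1_2. The parameter name `msg` also collides with the msg() logging call used in the body, so rename it (for example `reason`), and fix the 'avilable' typo in the function name before more callers are added.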
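Review bot: The mbed TLS guard added to options_postprocess_mutate() tests defined(MANAGMENT_EXTERNAL_KEY), a misspelled macro that no other line in this patch defines, while the neighbouring blocks use ENABLE_MANAGEMENT; as written the M_FATAL for 'nopadding' with mbed TLS is probably never compiled in. Guard it with ENABLE_MANAGEMENT like the other blocks. The cryptoapi warning text 'cryptapicert' is also missing an 'o'.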
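Review bot: In add_option() the relaxed check `!p[2]` accepts any single argument to management-external-key, so a misspelling such as 'nopading' is silently ignored and the session falls back to padded mode with TLS 1.3 capped. Reject every p[1] other than "nopadding" with an option error so a configuration mistake is visible at startup.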
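Review bot: get_sig_from_man() in src/openvpn/ssl_openssl.c now dereferences management->settings.flags before the `if (management && bencret > 0)` test, so the NULL check that used to guard the first use no longer protects anything; test management first and return early. The flag test `(... & MF_EXTERNAL_KEY_NOPADDING) > 2` only works because the bit value happens to exceed 2 and should be a plain non-zero test. The return value of RSA_padding_add_PKCS1_type_1() is ignored, so when padding fails the contents of sig are still base64-encoded and sent to the management client; return -1 in that case.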
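Review bot: rsa_priv_enc() now accepts RSA_NO_PADDING unconditionally, including when MF_EXTERNAL_KEY_NOPADDING is not set and, per the documentation hunk, the management client expects to produce a PKCS1 padded signature. That combination is only excluded indirectly by the TLS version cap in options.c; reject RSA_NO_PADDING here unless the nopadding flag is set so the two checks cannot drift apart.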
From patchwork Mon Oct 8 07:16:18 2018
X-Patchwork-Submitter: Arne Schwabe
X-Patchwork-Id: 519
From: Arne Schwabe
To: openvpn-devel@lists.sourceforge.net
Date: Mon, 8 Oct 2018 20:16:18 +0200
Message-Id: <20181008181618.8976-4-arne@rfc2549.org>
In-Reply-To: <20181008181618.8976-1-arne@rfc2549.org>
References: <20181008181618.8976-1-arne@rfc2549.org>
Subject: [Openvpn-devel] [PATCH 4/4] Implement the nopadding option to management-external-key for mbed TLS

Although mbed TLS does not have a TLS 1.3 API yet and we do not really know how mbed TLS will handle querying for TLS 1.3 signatures, being able to use the same API with OpenSSL and mbed TLS is a nice feature.

Since mbed TLS does not expose a way to do pkcs1 padding, copy the trimmed down version of the pkcs1 copy to the OpenVPN source code.
---
 src/openvpn/options.c | 11 ++----
 src/openvpn/ssl_mbedtls.c | 72 ++++++++++++++++++++++++++++++++++++++-
 2 files changed, 73 insertions(+), 10 deletions(-)

diff --git a/src/openvpn/options.c b/src/openvpn/options.c index 61762791..fb7d8333 100644 
--- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -3025,11 +3025,11 @@ options_postprocess_verify(const struct options *o) } } -#if defined(ENABLE_CRYPTOAPI) || (defined(ENABLE_CRYPTO_OPENSSL) && defined(ENABLE_MANAGEMENT)) +#if defined(ENABLE_CRYPTOAPI) || defined(ENABLE_MANAGEMENT) static void disable_tls13_if_avilable(struct options *o, const char* msg) { -#if OPENSSL_VERSION_NUMBER >= 0x10100000L +#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(ENABLE_CRYPTO_MBEDTLS) const int tls_version_max = (o->ssl_flags >> SSLF_TLS_VERSION_MAX_SHIFT) & SSLF_TLS_VERSION_MAX_MASK; @@ -3134,13 +3134,6 @@ options_postprocess_mutate(struct options *o) } #endif -#if defined(ENABLE_CRYPTO_MBEDTLS) && defined(MANAGMENT_EXTERNAL_KEY) - if (o->management_flags & MF_EXTERNAL_KEY_NOPADDING) - { - msg(M_FATAL, "mbed TLS does not support the 'nopadding' argument for the --management-external-key option"); - } -#endif - #if defined(ENABLE_CRYPTOAPI) if (o->cryptoapi_cert) { diff --git a/src/openvpn/ssl_mbedtls.c b/src/openvpn/ssl_mbedtls.c index 6b4ddaf4..bb7e954c 100644 --- a/src/openvpn/ssl_mbedtls.c +++ b/src/openvpn/ssl_mbedtls.c 
@@ -619,6 +619,59 @@ tls_ctx_use_external_signing_func(struct tls_root_ctx *ctx, } #ifdef ENABLE_MANAGEMENT +/* + * Construct a PKCS v1.5 encoding of a hashed message. + * + * Taken and trimmed down version (only MBEDTLS_MD_NONE) of + * rsa_rsassa_pkcs1_v15_encode from mbedTLS 2.13.1 (53546ea0) + * + * This is used both for signature generation and verification. + * + * Parameters: + * - hashlen: Length of hash in case hashlen is MBEDTLS_MD_NONE. + * - hash: Buffer containing the hashed message or the raw data. + * - dst_len: Length of the encoded message. + * - dst: Buffer to hold the encoded message. + * + * Assumptions: + * - hash has size hashlen + * - dst points to a buffer of size at least dst_len. + * + */ +static int rsa_pkcs1_v15_pad(size_t hashlen, const unsigned char *hash, + size_t dst_len, unsigned char *dst) +{ + size_t nb_pad = dst_len; + unsigned char *p = dst; + + if (nb_pad < hashlen) + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + + nb_pad -= hashlen; + + + /* Need space for signature header and padding delimiter (3 bytes), + * and 8 bytes for the minimal padding */ + if (nb_pad < 3 + 8) + { + return (MBEDTLS_ERR_RSA_BAD_INPUT_DATA); + } + nb_pad -= 3; + + /* Now nb_pad is the amount of memory to be filled + * with padding, and at least 8 bytes long. */ + + /* Write signature header and padding */ + *p++ = 0; + *p++ = MBEDTLS_RSA_SIGN; + memset(p, 0xFF, nb_pad); + p += nb_pad; + *p++ = 0; + + /* we are signing raw data? */ + memcpy(p, hash, hashlen); + return 0; +} /** Query the management interface for a signature, see external_sign_func. */ static bool 
@@ -629,7 +682,24 @@ management_sign_func(void *sign_ctx, const void *src, size_t src_len, char *src_b64 = NULL; char *dst_b64 = NULL; - if (!management || (openvpn_base64_encode(src, src_len, &src_b64) <= 0)) + + if (!management) + { + goto cleanup; + } + if (management->settings.flags & MF_EXTERNAL_KEY_NOPADDING) + { + /* + * Add PKCS1 signature and replace input with it + * Use our output buffer also als temporary buffer + */ + if ((!rsa_pkcs1_v15_pad(src_len, src, dst_len, dst)) + || (openvpn_base64_encode(dst, dst_len, &src_b64) <= 0 )) + { + goto cleanup; + } + } + else if (openvpn_base64_encode(src, src_len, &src_b64) <= 0) { goto cleanup; }
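Review bot: Widening the guard around disable_tls13_if_avilable() in src/openvpn/options.c to `defined(ENABLE_CRYPTOAPI) || defined(ENABLE_MANAGEMENT)` compiles the static function in mbed TLS builds, but the call sites added in 3/4 remain under ENABLE_CRYPTOAPI and under ENABLE_CRYPTO_OPENSSL && ENABLE_MANAGEMENT, and with `!defined(ENABLE_CRYPTO_MBEDTLS)` the body reduces to a bare return. An mbed TLS build with management enabled therefore gets an unused static function; keep the original guard or make the call site backend-independent.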
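Review bot: The parameter description of rsa_pkcs1_v15_pad() in src/openvpn/ssl_mbedtls.c still reads "hashlen: Length of hash in case hashlen is MBEDTLS_MD_NONE", which appears left over from the untrimmed original and no longer describes this signature; document hashlen as the length of the raw input. The first length check, `if (nb_pad < hashlen) return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;`, is unbraced while the second is braced and parenthesises its return value; use one style for both.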
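Review bot: The condition `(!rsa_pkcs1_v15_pad(src_len, src, dst_len, dst))` in management_sign_func() is inverted: the helper returns 0 on success, so a successful padding jumps to cleanup and a failed one goes on to base64-encode dst. Drop the negation or compare against 0 explicitly. The branch also pads whenever the nopadding flag is set without looking at the key type, while the documentation added in 3/4 says EC signatures are always unpadded; state whether EC keys can reach this path and skip the padding for them if so.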